package com.stop.think.shiro.web.controller;

import org.apache.shiro.authz.annotation.Logical;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
@RequestMapping("/emp")
public class EmpController {

    @GetMapping("/login")
    public String login() {
        return "不拦截登录API";
    }

    @GetMapping("/admin")
    @RequiresPermissions(value = {"emp:usr:admin", "emp:usr:admin_delete"}, logical = Logical.OR)
    public String admin() {
        return "admin";
    }

    @GetMapping("/normal")
    @RequiresPermissions("emp:usr:normal")
    public String normal() {
        return "normal";
    }
}
